/*
 * Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2012 The ZAP Development Team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.zaproxy.zap.extension.httpsessions;

import java.net.HttpCookie;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.httpclient.Cookie;

/**
 * The Class HttpSession defines the data that is stored regarding an existing HTTP session on a
 * particular site.
 *
 * <p>The session can be invalidated and should only be used while it is valid.
 */
public class HttpSession {

    /** The name. */
    private String name;

    /** Whether it is active. */
    private boolean active;

    /** The session tokens' values for this session. */
    private Map<String, Cookie> tokenValues;

    /** Whether this session is valid. */
    private boolean valid;

    /** The number of http messages that matched this session. */
    private int messagesMatched;

    private HttpSessionTokensSet tokenNames;

    /**
     * Instantiates a new http session.
     *
     * @param name the name
     * @param tokenNames the token names
     */
    public HttpSession(String name, HttpSessionTokensSet tokenNames) {
        super();
        this.name = name;
        this.active = false;
        this.valid = true;
        this.messagesMatched = 0;
        this.tokenValues = new HashMap<>(1);
        this.tokenNames = tokenNames;
    }

    public HttpSessionTokensSet getTokensNames() {
        return tokenNames;
    }

    /**
     * Gets the name.
     *
     * @return the name
     */
    public String getName() {
        return name;
    }

    /**
     * Sets the name.
     *
     * @param name the new name
     */
    public void setName(String name) {
        this.name = name;
    }

    /**
     * Checks if it is active.
     *
     * @return true, if is active
     */
    public boolean isActive() {
        return active;
    }

    /**
     * Sets whether it is active.
     *
     * @param active the new active
     */
    public void setActive(boolean active) {
        this.active = active;
    }

    /**
     * Sets a particular value for a session token. If the value is null, that token is deleted from
     * the session.
     *
     * @param tokenName the token name
     * @param value the new value of the token, or null, if the token has to be deleted
     */
    public void setTokenValue(String tokenName, Cookie value) {
        if (value == null) {
            tokenValues.remove(tokenName);
        } else {
            tokenValues.put(tokenName, value);
        }
    }

    /**
     * Gets the token value.
     *
     * @param tokenName the token name
     * @return the token value
     */
    public String getTokenValue(String tokenName) {
        Cookie ck = tokenValues.get(tokenName);
        if (ck != null) {
            return ck.getValue();
        }
        return null;
    }

    /**
     * Checks if a particular cookie has the same value as one of the token values in the HTTP
     * session. If the {@literal cookie} parameter is null, the session matches the token if it does
     * not have a value for the corresponding token.
     *
     * @param tokenName the token name
     * @param cookie the cookie
     * @return true, if true
     */
    public boolean matchesToken(String tokenName, HttpCookie cookie) {
        // Check if the cookie is null
        if (cookie == null) {
            return tokenValues.containsKey(tokenName) ? false : true;
        }

        // Check the value of the token from the cookie
        String tokenValue = getTokenValue(tokenName);
        if (tokenValue != null && tokenValue.equals(cookie.getValue())) {
            return true;
        }
        return false;
    }

    /**
     * Removes a given token.
     *
     * @param tokenName the token name
     */
    public void removeToken(String tokenName) {
        tokenValues.remove(tokenName);
    }

    @Override
    public String toString() {
        return "HttpSession [name="
                + name
                + ", active="
                + active
                + ", tokenValues='"
                + getTokenValuesString()
                + "']";
    }

    /**
     * Gets the token values string representation.
     *
     * @return the token values string
     */
    public String getTokenValuesString() {
        if (tokenValues.isEmpty()) {
            return "";
        }
        StringBuilder buf = new StringBuilder();

        for (Map.Entry<String, Cookie> entry : tokenValues.entrySet()) {
            buf.append(entry.getKey()).append('=').append(entry.getValue().getValue()).append(';');
        }
        buf.deleteCharAt(buf.length() - 1);

        return buf.toString();
    }

    @Override
    public int hashCode() {
        final int prime = 31;
        int result = 1;
        result = prime * result + ((name == null) ? 0 : name.hashCode());
        return result;
    }

    @Override
    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null) {
            return false;
        }
        if (getClass() != obj.getClass()) {
            return false;
        }
        HttpSession other = (HttpSession) obj;
        if (name == null) {
            if (other.name != null) {
                return false;
            }
        } else if (!name.equals(other.name)) {
            return false;
        }
        return true;
    }

    /**
     * Checks if the session is still valid.
     *
     * @return true, if is valid
     */
    public boolean isValid() {
        return valid;
    }

    /** Invalidates the session. */
    public void invalidate() {
        this.valid = false;
    }

    /**
     * Gets the token values count.
     *
     * @return the token values count
     */
    public int getTokenValuesCount() {
        return this.tokenValues.size();
    }

    /**
     * Gets an unmodifiable view of the token values map. . Query operations on the returned map
     * "read through" to the specified map, and attempts to modify the returned map, whether direct
     * or via its collection views, result in an {@link UnsupportedOperationException}.
     *
     * @return the token values unmodifiable map
     */
    public Map<String, Cookie> getTokenValuesUnmodifiableMap() {
        return Collections.unmodifiableMap(tokenValues);
    }

    /**
     * Gets the number of http messages that matched this session.
     *
     * @return the messages matched
     */
    public int getMessagesMatched() {
        return messagesMatched;
    }

    /**
     * Sets the number of http messages that matched this session.
     *
     * @param messagesMatched the new messages matched count
     */
    public void setMessagesMatched(int messagesMatched) {
        this.messagesMatched = messagesMatched;
    }
}
